Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

LINKS

Blog Contact

LEGAL

Terms of services Privacy policy

CyberSecTools

CyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

LINKS

Blog Contact

LEGAL

Terms of services Privacy policy

Application Security

Essential tools and best practices for securing software applications throughout their lifecycle.Explore 246 curated tools and resources

Search tools and resources by name, description, or purpose... (⌘+K)

All

Free

Commercial

Task

Home
Categories
Application Security

PINNED

PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
1
Commercial
Offensive Security
Ai
Penetration Testing
Automation
Security Testing
Exploitation
Reconnaissance
Reporting
Security Assessment
Offensive Security
Vulnerability Exploitation
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
1
Commercial
Offensive Security
Ai
Penetration Testing
Automation
+7
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
0
Commercial
Threat Management
Threat Intelligence
Detection Rules
Siem
Security Operations
Cti
Threat Detection
Security Monitoring
Rule Management
Threat Hunting
Security Information And Event Management
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
0
Commercial
Threat Management
Threat Intelligence
Detection Rules
Siem
+7
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
Dark Web Monitoring
Cloud Security
Vulnerability Management
Compliance
Third Party Risk
Threat Intelligence
Security Monitoring
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
+7
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
Software Supply Chain
Open Source
Sbom
Security Scanning
Devsecops
Vulnerability Detection
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
+6
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
Compliance
Container Security
Cloud Compliance
Api Security
Kubernetes Security
Security Monitoring
Security Automation
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
+7
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
Static Analysis
Security Automation
Devsecops
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
+3

LATEST ADDITIONS

Cognito Scanner
A script that implements Cognito attacks such as Account Oracle or Priviledge Escalation
0
Free
Application Security
Aws
Security
Script
Privilege Escalation
Cognito Scanner
A script that implements Cognito attacks such as Account Oracle or Priviledge Escalation
0
Free
Application Security
Aws
Security
Script
+1
Terrascan
Static code analyzer for Infrastructure as Code with 500+ security policies and support for various IaC tools and cloud platforms.
0
Free
Application Security
Appsec
Aws
Azure
Cloud
Compliance
Docker
Gcp
Infrastructure As Code
Kubernetes
Security
Terraform
Vulnerability Scanning
Terrascan
Static code analyzer for Infrastructure as Code with 500+ security policies and support for various IaC tools and cloud platforms.
0
Free
Application Security
Appsec
Aws
Azure
+9
diff-gui
A web-based tool for instrumenting and analyzing Android applications using Flask, Jinja, and Redis.
0
Free
Application Security
Appsec
Apparmor
Appsec Tool
Frida
Mobile Security
diff-gui
A web-based tool for instrumenting and analyzing Android applications using Flask, Jinja, and Redis.
0
Free
Application Security
Appsec
Apparmor
Appsec Tool
+2
ProbeDroid
Dynamic Java code instrumentation kit for Android applications.
0
Free
Application Security
Java
Instrumentation
Dynamic Analysis
ProbeDroid
Dynamic Java code instrumentation kit for Android applications.
0
Free
Application Security
Java
Instrumentation
Dynamic Analysis
yaramod
Yaramod is a library for parsing YARA rules into AST and building new YARA rulesets with C++ programming interface.
0
Free
Application Security
Yara
Rule Engine
Parser
C
Python
Pip
yaramod
Yaramod is a library for parsing YARA rules into AST and building new YARA rulesets with C++ programming interface.
0
Free
Application Security
Yara
Rule Engine
Parser
+3
N-Stalker
A web security tool that scans for vulnerabilities and known attacks.
0
Free
Application Security
Appsec
Devsecops
Vulnerability Scanning
Web Security
Xss
Sql Injection
N-Stalker
A web security tool that scans for vulnerabilities and known attacks.
0
Free
Application Security
Appsec
Devsecops
Vulnerability Scanning
+3
Kiterunner
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
0
Free
Application Security
Bruteforce
Api Security
Kiterunner
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
0
Free
Application Security
Bruteforce
Api Security
EoHoneypotBundle
A honeypot trap for Symfony2 forms to reduce spam submissions.
0
Free
Application Security
Honeypot
Spam Prevention
EoHoneypotBundle
A honeypot trap for Symfony2 forms to reduce spam submissions.
0
Free
Application Security
Honeypot
Spam Prevention
DOMPurify
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
0
Free
Application Security
Xss
Security
Javascript
Nodejs
DOMPurify
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
0
Free
Application Security
Xss
Security
Javascript
+1
Tetragon
Real-time, eBPF-based Security Observability and Runtime Enforcement component
0
Free
Application Security
Ebpf
Kubernetes
File Access
Tetragon
Real-time, eBPF-based Security Observability and Runtime Enforcement component
0
Free
Application Security
Ebpf
Kubernetes
File Access
Cyclops
A browser with XSS detection capabilities
0
Free
Application Security
Xss
Browser
Security Testing
Web Security
Windows
Cyclops
A browser with XSS detection capabilities
0
Free
Application Security
Xss
Browser
Security Testing
+2
Mobile Audit
SAST and malware analysis tool for Android APKs with detailed scan information.
0
Free
Application Security
Appsec
Apks
Docker
Malware Analysis
Sast
Security Testing
Mobile Audit
SAST and malware analysis tool for Android APKs with detailed scan information.
0
Free
Application Security
Appsec
Apks
Docker
+3
DVTA - Vulnerable Thick Client Application
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
0
Free
Application Security
Csharp
Net
Vulnerable App
Sql Injection
DVTA - Vulnerable Thick Client Application
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
0
Free
Application Security
Csharp
Net
Vulnerable App
+1
AzureGoat
A vulnerable by design infrastructure on Azure featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations.
0
Free
Application Security
Azure
Appsec
Web App Security
Owasp
Penetration Testing
AzureGoat
A vulnerable by design infrastructure on Azure featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations.
0
Free
Application Security
Azure
Appsec
Web App Security
+2

Application Security

RELATED TASKS

PINNED

PTJunior

PTJunior

CTIChef.com Detection Feeds

CTIChef.com Detection Feeds

ImmuniWeb® Discovery

ImmuniWeb® Discovery

Checkmarx SCA

Checkmarx SCA

Orca Security

Orca Security

DryRun

DryRun

LATEST ADDITIONS

Cognito Scanner

Cognito Scanner

Terrascan

Terrascan

diff-gui

diff-gui

ProbeDroid

ProbeDroid

yaramod

yaramod

N-Stalker

N-Stalker

Kiterunner

Kiterunner

EoHoneypotBundle

EoHoneypotBundle

DOMPurify

DOMPurify

Tetragon

Tetragon

Cyclops

Cyclops

Mobile Audit

Mobile Audit

DVTA - Vulnerable Thick Client Application

DVTA - Vulnerable Thick Client Application

AzureGoat

AzureGoat